$ rpki-client -vvf repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203338373634.roa File: 3132302e32392e3233312e302f32342d3234203d3e203338373634.roa (raw, json) Hash identifier: lP471DAs+VGEU2gNJAg4M1deWki7GoizfHdZip4yqT8= Subject key identifier: EE:BD:E9:F9:13:B7:B1:B9:0D:4C:92:2B:3B:B2:FD:A6:5D:D7:AD:5C Certificate issuer: /CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Certificate serial: 761D1A27A631C44F8B6A921A8BF276F8FCF00894 Authority key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject info access: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203338373634.roa Signing time: Wed 20 Mar 2024 10:02:07 +0000 ROA not before: Wed 20 Mar 2024 09:57:07 +0000 ROA not after: Wed 19 Mar 2025 10:02:07 +0000 asID: 38764 IP address blocks: 120.29.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 05:19:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:1d:1a:27:a6:31:c4:4f:8b:6a:92:1a:8b:f2:76:f8:fc:f0:08:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Validity Not Before: Mar 20 09:57:07 2024 GMT Not After : Mar 19 10:02:07 2025 GMT Subject: CN=EEBDE9F913B7B1B90D4C922B3BB2FDA65DD7AD5C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:c4:51:62:f7:08:37:9a:12:33:a2:97:7f:13: dd:02:a6:d8:34:32:fd:58:e0:49:aa:30:83:49:b1: c6:57:69:b6:e5:0e:35:67:0d:f1:c0:e7:a9:ac:e7: 6f:5b:c6:fe:d0:b5:a1:8b:5b:09:ef:73:49:05:71: 04:6c:f3:7d:c4:ca:50:92:03:ba:76:b3:f0:58:27: 5d:8c:ca:ab:79:f7:38:a6:ad:03:f2:70:66:9a:db: 38:13:9d:a9:e3:4d:52:46:03:5d:8a:31:55:c4:6f: 91:a8:48:05:da:13:3e:5c:d4:73:d3:13:48:b1:76: 29:cf:e6:30:b3:e1:93:eb:d1:0c:a1:31:55:e0:71: 38:78:5c:4f:f4:7a:fe:80:4a:42:68:54:8c:bd:bd: 3d:55:59:9c:29:7b:cf:81:ed:ce:76:39:d3:5a:10: 2f:15:72:84:de:75:9e:56:94:f1:41:b7:f9:b6:77: fd:22:95:46:66:4e:da:60:8c:82:90:1e:ae:b7:64: 18:e8:ad:ff:31:30:5b:2a:83:9f:44:1d:48:b8:56: 72:77:fd:1a:32:8a:72:d9:b2:42:5b:0c:39:cc:c2: d9:53:cf:cf:1d:d5:16:d0:0b:37:58:4e:3f:cf:29: 12:ae:52:b4:b6:cc:df:4d:73:d8:7a:ee:ea:a9:d6: f8:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:BD:E9:F9:13:B7:B1:B9:0D:4C:92:2B:3B:B2:FD:A6:5D:D7:AD:5C X509v3 Authority Key Identifier: keyid:3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3132302e32392e3233312e302f32342d3234203d3e203338373634.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.231.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:be:30:c9:9e:3d:4b:d3:3f:4f:32:d2:0f:34:7f:d0:f4:cf: ac:5f:11:cb:b1:b5:8d:9a:e1:88:32:77:c6:c4:f8:57:23:c5: 40:57:f2:d2:f8:8e:08:e1:b8:8b:a8:c1:7e:e5:95:ef:8d:71: 0a:a0:64:6a:0c:22:21:26:7c:6b:53:e7:43:60:a3:92:07:6f: 16:0d:06:19:de:2a:62:34:b7:73:08:26:81:a9:6d:c9:22:36: b4:9c:8f:c1:e2:c0:14:cd:ed:d7:4d:92:3b:4b:f5:09:1f:d0: 8a:8e:6d:3f:12:53:02:0e:d8:da:6c:7a:e3:1f:0a:10:2d:27: b9:39:38:66:40:10:3e:5d:47:83:83:6a:54:25:43:ee:fb:44: 0c:44:47:fe:97:3e:dc:dd:5c:f8:7f:f7:89:26:7d:ff:ee:d2: 49:08:e1:be:ec:ad:a8:f7:03:e4:6d:bf:f3:6f:4b:4e:4b:6a: 1b:45:a8:01:d0:3d:42:f2:e2:fd:d9:83:4b:95:03:67:3a:94: bf:b4:c8:3f:69:5c:81:4e:ab:7c:fe:96:ab:07:9d:eb:3b:9a: ee:c9:27:6c:bc:52:18:76:85:e0:c9:74:95:f9:6b:96:3f:50: 8d:4b:1b:78:83:71:3a:27:ed:0d:96:55:39:5b:98:50:80:5e: 2d:6c:65:bc -----BEGIN CERTIFICATE----- MIIFKDCCBBCgAwIBAgIUdh0aJ6YxxE+LapIai/J2+PzwCJQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdB MzVCMDI1MTAeFw0yNDAzMjAwOTU3MDdaFw0yNTAzMTkxMDAyMDdaMDMxMTAvBgNV BAMTKEVFQkRFOUY5MTNCN0IxQjkwRDRDOTIyQjNCQjJGREE2NUREN0FENUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbxFFi9wg3mhIzopd/E90Cptg0 Mv1Y4EmqMINJscZXabblDjVnDfHA56ms529bxv7QtaGLWwnvc0kFcQRs833EylCS A7p2s/BYJ12Myqt59zimrQPycGaa2zgTnanjTVJGA12KMVXEb5GoSAXaEz5c1HPT E0ixdinP5jCz4ZPr0QyhMVXgcTh4XE/0ev6ASkJoVIy9vT1VWZwpe8+B7c52OdNa EC8VcoTedZ5WlPFBt/m2d/0ilUZmTtpgjIKQHq63ZBjorf8xMFsqg59EHUi4VnJ3 /RoyinLZskJbDDnMwtlTz88d1RbQCzdYTj/PKRKuUrS2zN9Nc9h67uqp1vhfAgMB AAGjggIyMIICLjAdBgNVHQ4EFgQU7r3p+RO3sbkNTJIrO7L9pl3XrVwwHwYDVR0j BBgwFoAUPmZijAPKuMbW/N7b4HAFV6NbAlEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y MjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMC8zRTY2NjI4QzAz Q0FCOEM2RDZGQ0RFREJFMDcwMDU1N0EzNUIwMjUxLmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvM0U2NjYyOEMwM0NBQjhDNkQ2RkNERURCRTA3MDA1NTdBMzVC MDI1MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2FkLWMzYjktNDVhMC1i ZWI2LWJjZTQ4ZTJiMjI3Mi8wLzMxMzIzMDJlMzIzOTJlMzIzMzMxMmUzMDJmMzIz NDJkMzIzNDIwM2QzZTIwMzMzODM3MzYzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHgd5zANBgkqhkiG 9w0BAQsFAAOCAQEAjr4wyZ49S9M/TzLSDzR/0PTPrF8Ry7G1jZrhiDJ3xsT4VyPF QFfy0viOCOG4i6jBfuWV741xCqBkagwiISZ8a1PnQ2CjkgdvFg0GGd4qYjS3cwgm galtySI2tJyPweLAFM3t102SO0v1CR/Qio5tPxJTAg7Y2mx64x8KEC0nuTk4ZkAQ Pl1Hg4NqVCVD7vtEDERH/pc+3N1c+H/3iSZ9/+7SSQjhvuytqPcD5G2/829LTktq G0WoAdA9QvLi/dmDS5UDZzqUv7TIP2lcgU6rfP6Wqwed6zua7sknbLxSGHaF4Ml0 lflrlj9QjUsbeINxOiftDZZVOVuYUIBeLWxlvA== -----END CERTIFICATE-----Generated at Fri Nov 22 08:13:03 2024 by rpki-client on console-fra.rpki-client.org